How to manage
Microsoft 365 security
Quick guides to manage customers’ Microsoft 365 Secure Scores
Security Manager video tutorials on M365 security
In these quick tutorials learn how Security Manager can help you manage your customers’ Microsoft 365 security at scale.
Microsoft 365 Secure Scores
How to know where you stand today
SecurityRadar for 60+ M365 Security Reports
How to use data-driven insights for proactive and personalized customer sales engagement
Endpoint Security Configuration Baseline
How to quickly set up Endpoint security antivirus configuration baseline policies
Safe Links
How to improve Secure Scores by 80 points or more by adding Safe Links and Anti-Phishing policies
Anti-Phishing Policies
How to protect your customers from phishing attacks with new workflows
Microsoft 365 Settings
How to align common M365 security settings with Microsoft best practices
Microsoft 365 Security Monitoring
How to automate the monitoring of key M365 settings. Report and repair to save you time
Customer Review Report
How to facilitate customer conversations and grow your security practice
Anti-Spam Policies
How to set a baseline across all mailboxes to reduce user frustration with inbox spam
Anti-Malware Policies
How to quickly assess and protect your customers from Malware attacks
Exchange Online Settings
How to protect mailboxes and calendars from unwanted security risks
Security Alerts and Risky Users
How to find the most urgent M365 security issues and remediate them
Protect Against Password Spray Attack
How to remediate password spray attacks with just a couple of clicks
Microsoft 365 Security Baselines
How to easily show M365 security baseline configuration and identify items that haven’t yet met baseline standards
Solution Updates
How to instantly get the latest security solutions in Security Manager
Advanced Permissions and Sharing
How to easily configure permissions and give users role-appropriate access
Reduce Admin Login Proliferation
How to manage Microsoft 365 admins across multiple tenants
Secure Microsoft Teams with DLP
How to secure Microsoft Teams by implementing Data Loss Prevention across your customer base
Voice of the Partner
Hear from savvy partners and learn how they work smarter not just harder in delivering and monetizing M365 security for their customers
With the MFA Report in Security Manager, we’re able to analyze our customers’ MFA status quickly for all tenants and send them a monthly report about users that haven’t yet configured their authentication factors or are not MFA enabled.
Nicole Gutmann, Systems Engineer, MTF – EMEA
We have a duty of care to our customers so we proactively approach them with security suggestions and reports… Security Manager gives us the perfect way to get more consistency and repeatability in our Security delivery.
Sean Ernstzen, Managing Director, Impreza – EMEA
A challenge we’ve had in the past is consistency across all our clients. Having this consistency through Security Manager has been a big help. It’s amazing how many things we can do and automate with Security Manager.
Brian Minker, Partner, ABLE Technology Partners – US
What’s not to love about this? Find it, fix it, automate it. So much of security is attention management, and this coupled with the automation makes Security Manager a tremendous addition to the toolkit out there for partners.
Jonathan Davis, Principal Security Program Manager, Microsoft – US
Security Market
Customers’ appetite for security is high and MSPs are finding themselves already knee-deep in Microsoft 365 security
See Security Manager in action
Learn how Security Manager can help you improve customer security, reduce cost and accelerate growth for all your Microsoft 365 customers
Try Security Manager today
Frequently asked questions
How can I set custom Microsoft security baselines across all M365 tenants?
Security Manager comes with multiple out-of-the-box solutions for setting M365 baselines (see below). You can also create new or customize existing Baseline commands in the Security Manager Workbench.
- Assess and Apply Azure AD Security Baseline
- Assess and Apply Office 365 Security Baseline
How does Microsoft 365 Security Manager handle security reporting and monitoring?
Security Manager has multiple dashboards which can be used for cross-tenant at-a-glance monitoring or for drilling deeper into more specific security concerns for one or more customers. Security Manager also comes with multiple pre-created reports that can be run on demand or scheduled. You can also create new or customize existing reports in the Security Manager Workbench.
How to increase Microsoft Secure Score?
There are a lot of different ways to improve the Microsoft Secure Score. Security Manager provides at-a-glance insight into cross-tenant Secure Score as well as the individual Microsoft recommendations for improvement at a multi or single tenant level. Each recommendation has a corresponding command or workflow to assess customer(s) and implement the Microsoft recommendation to increase the Secure Scores.
Can I enable MFA across all my Microsoft 365 tenants at once?
Yes! There are multiple ways to implement MFA in Microsoft 365 and Security Manager comes with a workflow which will help you assess MFA across multiple customer tenants and then implement the Microsoft recommended solution for each customer based on their specific licensing.
How can I manage multiple tenants across Microsoft 365?
You can integrate Security Manager with Microsoft Partner Center. The integration imports your customers into Security Manager and allows Security Manger to connect to relevant services, like Graph and Exchange Online, to provide visibility into the tenants and administer security policies and baselines across the connected tenants either individually or en masse.
How does Security Manager ensure Microsoft security and compliance?
With dashboards, on demand reports, commands, and workflows, Security Manager arms an MSP with everything they need to successfully manage security and compliance for their customers Microsoft 365 tenants.
How can I set conditional access policies in Microsoft 365?
Security Manager comes with multiple commands and workflows for setting Conditional Access Policies. You can also create new or customize existing Conditional Access Policy Commands or Workflows in the Security Manager Workbench.
Can Microsoft 365 Security Manager detect and prevent Microsoft security threats in real-time?
No, the dashboards are updated nightly to provide visibility into Microsoft Security. Ad hoc reports can be run to gain on demand insights. However, today, Security Manager won’t be able to detect threats in real-time.
What are the best practices for Microsoft 365 Security Manager to enhance security in my organization?
Connect all of your M365 customers using the Partner Center Integration. Use the Security Manager Dashboards to monitor Secure Score, Microsoft Recommendations, alerts, and risky users. Use the Security Manager solutions to improve secure score, harden your customers’ security postures, and address risky users and Microsoft alerts.
Can you create a policy that forces the installation of MFA?
The method of enforcing MFA will depend upon the licensing of the tenant. That said, there is definitely a way to enforce MFA for all users across multiple tenants.
Is there a pre-built phishing remediation workflow available?
There is an anti-phishing policy workflow that reports on existing policies and helps you create/modify policies across all managed Microsoft 365 tenants. We also have individual commands that allow you to locate and purge emails from tenants impacted by phishing email.
Are there plans to integrate management of Quality Updates from InTune/MEM into Security Manager?
Security Manager has a connector to Endpoint Manager/InTune that supports automating any function exposed in their API. If you’re using InTune to manage devices, you can automate (and schedule) actions to be triggered and then reported out as an audit.
Does Security Manager have a workflow to identify how MFA is enforced (per-user, conditional access policy, security defaults) in each tenant?
Absolutely! Security Manager has workflows to identify how MFA is being enforced across multiple tenants via all methods (per-user, conditional access policy, and security default) and walks a user through Security Manager commands to create/enforce MFA where it is needed (depending on the results of the initial report).
Does this tie into any Azure Lighthouse capabilities and ENtra Permissions Management
Azure Lighthouse focuses on Azure tenants (not M365.) Microsoft does offer M365 Lighthouse for some visibility and limited remediations across M365 tenants. They also offer tenant-specific methods via Defender, the app admin portals, etc. The difference with Security Manager is that it starts with a cross-tenant perspective. Actions can be performed across all or a targeted set of tenants. Also, it’s focused on automating these tasks, not simply giving you an alternate portal to perform them one-by-one. Add to that the deep reporting, scheduling, and customization capabilities and you’ll see that Security Manager has been built specifically with the MSP’s needs in mind.
Can the policies be set at different restriction levels for various personas?
Policies can absolutely be applied to different restriction levels- depending on the policy scope you are trying to apply it to (administrators, all users, all devices, guest users, etc.). These will appear as parameters on the Run Form. Customer categorization (in this case, being referred to as various personas) is on our roadmap to be able to filter through your customers through their different personas such as their industry.
